Human guard enhancing multiple site security system

ABSTRACT

Provided is a human guard enhancing multiple site security system comprising one or more human guards, peripheral equipment positioned at one or more sites, said peripheral equipment comprising one or more of a plurality of sensors, video cameras, positioning systems, and mobile communication and data processing equipment, said peripheral equipment being further capable of collecting and transmitting event-related and environmental data, one or more checkpoint systems capable of receiving, processing into a standardized protocol, and further relaying the data received from said peripheral equipment, and of providing said one or more guards with information based on the data, and one or more stations capable of logging, processing, and reporting the data relayed from said one or more checkpoint systems to provide a security system status and to facilitate human supervision, situation analysis, decision making, and intervention. The system includes a computer implemented communications protocol, which is an XML based communications protocol for real time security alert monitoring purposes. The XML based communications protocol consists of numerous modules which receive and convert data messages from varying security devices and sensors, standardize, translate and send converted messages, and encrypt and decrypt said data messages.

TECHNICAL FIELD

The present invention relates to a guard enhancing multiple siteintegrated security system and method of making same. More particularly,the present invention relates to a human security guard oriented systemof security service, training and multiple site monitoring, whichfacilitates communications between real time security hardware and areal time security alert monitoring thereby providing human securityguards with the latest technology to make them more intelligent andresponsive within a complex interactive environment.

BACKGROUND ART

In addition to traditional threats to security such as burglary,vandalism and arson, today's complex national and internationalpolitical conflicts are putting increased pressure on facilities andorganizations of all kinds to provide effective security systems for thesafety and protection of personnel, property and surroundings.

Devices and systems for the provision of safety and security of personsand property are well known. Examples of different types and kinds ofsecurity systems for protection and surveillance methods of buildingstructures and surrounding areas are disclosed in numerous worldwidepatents.

In general, the structure and function of most security systems involveselectronic surveillance equipment monitored at a centralized location.Current development of security systems attempts to do away withhuman-oriented services and replace the human security guard with hightechnology solutions to security problems. Only a limited number ofcurrently developed security systems utilize a combination of guards inclose conjunction with the electronic equipment. Most of the time, thesesystems involve one guard who monitors a video feed or alarm panel forintrusion or other related alerts. These security systems are commonlybuilt, installed and implemented without any regard for the particularfacilities of other systems, for example, the facilities of built-inenvironmental and climate control, the tracking of people and assetswithin the building or complex, and fire/smoke detection as well astransport systems such as elevators, etc.

Therefore, it would be highly desirable to have a new and improvedsecurity system which not only enhances the human security guardservices, but also integrates facilities management, and allows for realtime identification, global positioning satellite (GPS) tracking, radiofrequency identification (RFID) tracking, Wi-Fi and other trackingmethods for people as well as assets such as computers, and othervaluable instrumentation, all in a readily scalable configurationutilizing off the shelf electronic security and communicationscomponents.

An electronic surveillance system for remote guarding of an area usingan operator station including a signal receiver with television display,radiant energy selection control, and energy level controller is knownin the prior art. Such a device remotely controls and directs anapparatus “weapon” for integration with traditionally securedfacilities, remote detection devices, closed circuit TV, and aremotely-located, manned control station. While such a computerizedsystem is helpful in detection of unauthorized personnel in a given areaand does seek to incorporate pre-existing security devices, there is noprovision which would allow for the irreplaceable and highly effectivepresence of human security guards, guards that are further enhanced byelectronic wireless communications and monitoring.

Additionally, the entire system depends upon the installation andpresence of numerous hard wired security devices in a given area and isnot readily scalable to incorporate larger areas in the surveillancearea in a short period of time without extensive outlay of effort andinstallation of new equipment. The acoustic energy “weapon” used as adeterrent to intruders is not confined to any given space and might posea threat to anyone, including authorized individuals, within hearingdistance.

Therefore, it would be highly desirable to have a new and improvedenhanced security guard system which would allow for computerized andwireless communications and monitoring of human security guards andtheir activities with a centralized location, in addition toconventional security devices and which would be scalable with minimaltime and material expenditure, and which would provide for human guardsto act as a more rapid and effective deterrent to intruders.

The conventional exit guard system addresses the requirements ofproviding areas with detection of movement of a subject along an exitpath in an unauthorized direction. This system further provides for ahuman monitor at a centralized location with added supervision of thedeactivation of the security alarm system only by authorized personnel.

However, within this system there is no human security guard on siteactively patrolling the area. This electronically augmented humanpresence is irreplaceable as a deterrent to potential intruders as wellas providing for flexibility in terms of monitoring and responding to avariety of situations that might arise.

Therefore, it would be highly desirable to have a new and improved,technologically augmented human presence automatically reporting to acentralized location, or a remote monitoring station throughcommunications over a global computer network, cellular telephonenetwork, or via satellite link, which could then monitor and recordguard activities as well as utilize pre-existing event detectiontechnology, such as motion, video and perimeter control devices to alertthose guards of real time events taking place on their shift.

Many patents describe relatively sophisticated security systemsutilizing video images obtained from a plurality of cameras relayed to asite control unit equipped with an automated image processor. The imagesare then relayed to a security system operator who then analyzes theimages and informs authorities of an intrusion.

While these systems utilize advanced technological features todistinguish between actual intrusions and false alarms (friend or foe),the absence of a human guard which would serve to discourage intrusionsis notably absent. Moreover, the presence of human guards makes thosethat are present within the facility feel protected and well taken careof, and these individuals will often speak to the security guards orbecome familiar with them to avoid any misunderstanding as to theiraccess authorization or the like.

Additionally, the highly automated image processor and related complexsoftware used to differentiate between actual foe intrusions andfriendly false alarms is inherently limited in its capability toobserve, compare and react to the myriad of potential one time orentirely novel situations which might occur. This type of securitymonitoring can only be accomplished with highly trained, well equipped,and competently supervised human security guards on duty in numberscorresponding to the amount of space or activity required for optimalsecurity from outside threats.

Therefore, it would be highly desirable to have a new and improvedsystem for the technological augmentation of human guards who areirreplaceable in terms of providing a deterrent to intrusion and who arecapable of observing, assessing and responding to novel and unusualsituations and whose actions would automatically be reported to acentralized headquarters with integrated automated daily events andincident real time reporting.

Finally, there are patented inventions which provide for an apparatusfor monitoring subjects having a location determining device whichprovides the location of the subject to a processor. The processor thenstores and retrieves data generated or received by the processor. Theprimary means by which the subject is tracked is by usage of a GPS.Comparison of the parameters of given geographical boundaries to thedata from the location determining device may determine if the subjecthas deviated from those parameters. The claimed invention mandatesdetection of at least one physiological parameter of the subject inorder to compare existing subject data previously stored.

These imaginative inventions do provide for tracking and determinationof the general area in which a subject is to be found and a means bywhich to compare the location with a pre-determined geographic location.Unfortunately, while the location and tracking device may show a generalarea in which the subject is located, there is no way of determining theexact location of the subject at any given point in time.

In addition, this system again depends upon a complex processor whichmust be programmed with any number of parameters. The system may fail tooperate properly or may not operate at all if incorporated into apre-existing security system, especially one having less complexprocessors available on site.

Therefore, it would be highly desirable to have a new and improvedsystem for technological augmentation of human guards automaticallyreporting exact location and time to a centralized headquarters withdaily events and incident reporting automation which could give exactlocations and time records of movement of the guards which would readilyincorporate pre-existing hardware and software. Moreover, it would behighly desirable to enable said guards to be alerted in real time whensecurity threatening events or environmental events occur including theautomated translations of these real time alerts into local dialects andlocal languages.

DISCLOSURE OF INVENTION

It is therefore the principal advantage of the instant invention toprovide a multiple site, integrated security system which incorporatesand enhances the performance of human guards within said securitysystem. The invaluable human presence acts as a deterrent and providesthe irreplaceable human capability to observe, assess, coordinate, andreact instantaneously to unusual and immediate circumstances.

It is another advantage of the instant invention to provide the humanguards with the latest technology, in the form of wearable and hand heldcomputers or other data processors capable of wireless communications,in order to make the guards more intelligent and responsible to theguarded facilities complex interactive environment.

Another advantage of the instant invention is to provide a system whichwould be flexible in incorporating new technology and pre-existinghardware equipment thus providing a high level of integration with offthe shelf security devices now existing or not yet conceived.

It is a further advantage of the instant invention to provide a systemof security which is able to be custom configured and scaled up or down,by being individually tailored to site conditions such as site componentconfigurations, checkpoint locations, building type material, buildingtransportation systems, facilities environmental control systems, suchas climate control, fire and smoke detection, and other variedparameters.

Yet another advantage of the present invention is to provide a systemwhich would automatically monitor and control certain movable and fixedsite conditions such as people and vehicles at checkpoints, safetysystems, access control systems, position sensors, transportationcontrol systems, power supply systems, water and hydraulic controlsystems, warning systems, lighting systems, communications systems andmiscellaneous site-specific systems such as greenhouse temperaturecontrols.

Yet a further advantage of the invention is to enable training of humanguards including drills, system operating instructions, and interactivetesting of guard utilization of all system components, includingsoftware, hardware and communications.

Still another advantage of the instant invention is to provide a systemfor security which monitors the identification and authorization ofpersonnel inside secured areas through use of a two points accesssubsystem composed of a fixed device installed at a checkpoint and amobile device (wearable or hand held) carried by authorized personnelwhich could be configured to integrate pre-existing security systemswithout modification of the core program.

Another advantage of the instant invention is to provide a guardactivity and real time reporting support system which includes ascheduled building and real time guard tour tracking system.

Yet another advantage of the instant invention is to provide a systemwhereby bi-directional data and command transmission may occur between abase station (computer or server configuration) and any designatedperson or group of persons, which enables assistance deployment andtransmits the location of the person, group of persons, security guardsand/or guard vehicles.

A further advantage of the instant invention is to provide a systemwhich records real-time object identification and tracking subsystemsfor indoor and outdoor areas.

Another advantage of the present invention is to provide a site videomonitoring system which will be recorded, transmitted and displayed at abase station (computer or server configuration) with the option of videodata processing, to recognize and alert of certain predetermined events,such as access verification, etc.

Still another advantage of the invention is to provide a system whichmay integrate pre-existing hardware into the system without requiringpurchase of redundant hardware.

Yet another advantage of the invention is to provide a system wherebythere is automation of communication between base station andheadquarters and between base station and any other specified person ordistribution point whether mobile or fixed.

It is also another advantage of the present invention to provide asystem which would automate time sheets, payroll recap and otheraccounting operations.

It is another advantage of the present invention to provide a systemwhich provides availability of site level information from a centralizedheadquarters, or remotely away from a centralized headquarters.

Still another advantage of the present invention is to provide a systemwhich would provide access to historical information such as timesheets, event logs, and alert logs to designated personnel.

Yet another advantage of the present invention is to provide a means ofcommunication via the Internet with a central console monitoringapplication.

Still another advantage of the present invention is to provide a systemwith failure-resistance and robustness against hardware denials andintentional attacks by providing data backup on both facilities site andat security headquarter levels.

It is yet another advantage of the present invention to provide a systemcapable of communicating with preexisting and/or pre-built systemconfigurations to be installed at specific kinds of sites.

It is also another advantage of the present invention to provide acomputer-implemented coordinated communications protocol and system,which would automate a real time alert system, direct security alerts,and translate those alerts into the local dialect or language.

It is another advantage of the present invention to provide a securitysystem which would support several levels of software, users, data,applications and communications, and whereby security tasks areperformed and verified by the guard during the guard tour and thatinformation is recorded by the guard in a checkpoint data processingapplication, then that recorded information is passed to a base station(computer or server) processing application. The ability to providecentral monitoring of guard tours is dependent upon novel wearable andhand held devices which are capable of wireless communications with thedata processing checkpoint stations.

Briefly, the advantages of the present invention are realized byproviding a human-oriented security guard system as the pivotal aspectof the security system, whereby said guards are greatly enhanced byimplementation of varying security device and microprocessor technology.The technological aspect of the system is not specific to any devices orequipment currently on the market but would be site specific and wouldhave the option of incorporating pre-existing technology in centralizedmonitoring of the site. A high level integration enables introduction ofnovel technology appearing on the market or pre-existing site specifictechnology into the security system. Supported features of the systeminclude a guard tour control system, centralized coordinatedcommunications and reporting with headquarters, schedule builder andtime recap automation, daily events and incident automation, support ofsecurity protocol, optional web access to the base station application,synchronization with headquarters accounting database and centralizedconnection to existing client's equipment. The primary goal of thesystem configuration is to make guard tour tasks planned, controlled,monitored, recorded, expensed and paid in a highly efficient andeffective manner.

Moreover, the advantages of the present invention are realized byproviding a human guard enhancing multiple site security systemcomprising one or more human guards, peripheral equipment positioned atone or more sites, said peripheral equipment comprising one or more of aplurality of sensors, video cameras, positioning systems, and mobilecommunication and data processing equipment, said peripheral equipmentbeing further capable of collecting and transmitting event-related andenvironmental data, one or more checkpoint systems capable of receiving,processing into a standardized protocol, and further relaying the datareceived from said peripheral equipment, and of providing said one ormore guards with information based on the data, and one or more stationscapable of logging, processing, and reporting the data relayed from saidone or more checkpoint systems to provide a security system status andto facilitate human supervision, situation analysis, decision making,and intervention.

Additionally, a new and improved computer implemented communicationsprotocol is provided, which is an XML based communications protocol forsecurity monitoring purposes. This unique XML based communicationsprotocol is implemented through numerous modules which receive andconvert data messages from diverse security devices and sensors,standardize and send converted messages, and encrypt and decrypt saiddata messages to security personnel as necessary. With the set modules,the data messages are filtered and transmitted from checkpoint computersto base station computers, which analyze, report, and log environmentalas well as security events within a subject site. Moreover, real timealerts may be translated into local dialects and languages as necessary.The resulting integrated security system provides better monitoring andresponse tools to the security guards, better trained security guards,who are more alert and responsive, and more closely supervised andeasily scheduled guards, with enhanced financial monitoring, moreaccurately paid and cost analyzed security services, better archived andreported security related events, as well as better coordination withpublic agencies, enhanced safety, and readily upgraded and integratedwith existing and future technologies. Real time alerts may beselectively directed to a number of other systems, including publicsafety agencies, government offices, school campuses, communities andglobally.

Therefore, this new and improved multiple site, readily scalablesecurity system is provided which combines human-based securitypersonnel integrated with a diverse integrated array of fixed andmovable electronic security enhancing components, and numerous modes ofcommunications between said components, including hard wired andwireless applications. The security related components include eventsensors, identification tracking for people and things, access controldevices, security guard wearable computers and hand held computers aswell as embedded data processing control and communications systems,with all sensors and sites capable of being monitored by a designatedheadquarters through checkpoint data processing components and basestation components. The security system provides better trained securityguards, who are more alert and responsive, and more closely supervisedand easily scheduled, enhanced financial monitoring, more accuratelypaid and expensed security services, better archived and reportedsecurity related events, as well as being better coordinated with publicagencies, enhanced safety, and readily upgraded with existing and futuretechnologies.

The above-mentioned and other advantages and features of the presentinvention and the manner of attaining them will become apparent, and theinvention itself will be best understood to those of skill in the art byreference to the disclosure herein in conjunction with the accompanyingdrawings.

BRIEF DESCRIPTION OF DRAWINGS

The accompanying drawings, which are incorporated in and form a part ofthis specification, illustrate embodiments of the invention, andtogether with the description, serve to explain the principles of thisinvention, wherein:

FIG. 1 is a representational diagram of a multiple site integratedsecurity system constructed in accordance with the present invention;

FIG. 2 is an enlarged detailed diagram of a communications schemebetween multiple checkpoint data processors and a central base stationcomputer, constructed in accordance with the present invention;

FIG. 3A is an enlarged detailed diagram of a base station locatedoutside of the headquarters office with multiple workstations and hardwired as well as global computer network communications capabilities,constructed in accordance with the present invention;

FIG. 3B is an enlarged detailed diagram of a base station withinheadquarters with multiple workstations and hard wired as well as globalcomputer network communications capabilities, constructed in accordancewith the present invention

FIG. 4 is a block diagram of the checkpoint data processing architectureand communications system between the security system event sensors andsaid checkpoint data processor, in greater detail, constructed inaccordance with the present invention;

FIG. 5 is a block diagram showing the checkpoint hardware architecturein greater detail, including communications routes between numerouscheckpoint data processing units and a base station, constructed inaccordance with the present invention;

FIG. 6 is a block diagram of an integrated security system encrypted XMLcommunications protocol illustrating communications between systemsensors, checkpoint data processing units and the system coreapplication at a base station, constructed in accordance with thepresent invention;

FIG. 7 is a block diagram illustrating the three basic levels ofarchitecture in the strategy and functioning of the overall method andprotocol for real time security system communications;

FIG. 8A is a diagram that shows a stand-alone checkpoint computerprocessor, wherein the checkpoint software is housed within that standalone computer processor;

FIG. 8B is a diagram of a mobile checkpoint computer processor, whereinthe checkpoint software is housed within that mobile computer processor;

FIG. 8C is a diagram of a distributed checkpoint with checkpointsoftware partially on board both a cell phone as an example of a mobilecheckpoint, and partially on board a base station server as an exampleof a fixed checkpoint;

FIG. 9A is a block diagram of the site devices and base station modulesillustrating the architecture and data flow between sensor input devicesand checkpoints, and checkpoints to the base station messageconcentrator, constructed in accordance with the present invention;

FIG. 9B is a block diagram of the base station modules illustrating thearchitecture and data flow between various modules within the systembase station, constructed in accordance with the present invention; and

FIG. 9C is a block diagram of the base station modules illustrating thearchitecture and data flow between various modules within the systembase station controlling alert monitoring and notification, inaccordance with the present invention.

BEST MODE FOR CARRYING OUT THE INVENTION

Referring now to the drawings, and more particularly to FIG. 1 thereof,there is shown a new and improved multiple site integrated enhancedhuman oriented security system 10 capable of exchanging data among humanguards, peripheral equipment monitoring the sites where security system10 is activated, and stations where the data collected at the sites isanalyzed and appropriate countermeasures are implemented. Specifically,the multiple site integrated security system 10 as represented by FIG. 1and constructed in accordance with the present invention, uses directcommunication, for example, hard wired bi-directional communication 22,and indirect communication, for example, use of a global computernetwork like the Internet 20, as methods of communication between acentral headquarters 16 and one or more facilities sites 12 and 14.Direct communication is defined as a point-to-point connectioncontaining hard wired and/or wireless components in which the sender andreceiver are not separated by switching nodes. One example of this isthe communication between a wireless transmitter and a wirelessreceiver. On the other hand, indirect communication can be definedherein as a connection containing hard wired and/or wireless componentsin which the sender and receiver are separated by switching nodes. Thisis best exemplified by a local area network (or LAN) and a globalcomputer network, such as the Internet.

The new multiple site integrated security system 10 may be tailored tosite specific needs or pre-existing hardware and equipment asrepresented by a Site A security subsystem 12 and a Site B securitysubsystem 14. The sites may be in communication with the integratedheadquarters server subsystem 16 by means of direct communication 22 asexemplified by communication with the Site B security subsystem 14. Thisdirect communication 22 between the sensors and the checkpoint dataprocessing subsystems and between the checkpoint data processingsubsystems and the base station CPUs may also be accomplished throughthe use of existing electrical power lines located at the guardedfacility or site.

In the alternative, communication with the integrated headquartersserver subsystem 16 may be accomplished via a global computer network,such as the Internet, as exemplified by communication between theintegrated headquarters server subsystem 16 and the Site A securitysubsystem 12. Furthermore, it is contemplated that said communicationsbe made via a global orbiting satellite system (such as the existingglobal positioning satellite or GPS system) or a similar high altitudeor outer space vehicle sensing the data transmissions. Moreover, anyenergy transmission may be used by the security system, for example,including but not limited to shortwave, long wave, microwave, X-ray,gamma ray, radio frequencies, and cellular telephone frequencies.

Turning now to FIG. 2, there is shown a more detailed view of oneexample of a possible local area site security subsystem configuration24. The base station central processing unit (or CPU) 30 is incommunication with checkpoint data processors or computers asexemplified by checkpoint computer 40 and a checkpoint personal digitalassistant, or checkpoint PDA 50. The checkpoint data processingsubsystems 40 and 50 are either installed within the local area site 24,or are mobile devices operating within the local area site 24, and areconnected to all hardware devices providing security in this local areasite 24. The checkpoint data processing subsystems 40 and 50 collectinformation from wireless sensors 44 and 54, and other peripheralequipment such as wireless personal digital assistants (or PDAs) 46 and56, hard wired sensors 48 and 58 and hard wired video cameras 42 andwireless video camera 52. Hard wired sensors 48 and 58 may bepre-existing units, or in the alternative, may be off the shelf securityequipment designed to be installed and operated as motion sensors, heatsensors, etc. Moreover, it is contemplated that the video transmissionfeeds may come from both hard wired video cameras such as 42 and or fromwireless video cameras 52, as shown. In some instances, automated videomonitoring may be employed at the checkpoint level, or in thealternative, at the base station level of the security systemsarchitecture.

The checkpoint data processing subsystems 40 and 50 then process all ofthe information gathered from any peripheral equipment as exemplified by42, 44, 46, 48, 52, 54, 56, and 58, and transmits the event sensorinformation to the base station computer or CPU 30.

In general, the peripheral equipment is capable of detecting events thatare adverse to the security and safety of persons and things, morespecifically, event-related data and environmental data, such ascriminal acts, terrorist threats and acts, war acts, riots, civilunrest, political events, structural failures, power failures,electronic failures, adverse weather, fire hazards, seismic events,variations in light and temperature, and other hazardous conditionsrequiring situation assessment and countermeasures. Examples ofperipheral equipment include sensors, video cameras, positioningsystems, and mobile communication and data processing equipment, such ascellular telephones and PDAs.

Further, the multiple site integrated system 10 can be operated toprovide the guards with real and simulated data suitable for aninteractive training of the guards. Such interactive training includesdrills, operating instructions, and interactive testing of guard skillsrelated to system components, software, hardware, and communicationlinks.

The base station computer or CPU 30 accepts information from allcheckpoint data processing subsystems 40 and 50, and any others incommunications therein, stores the information in a database 34,provides access to this information to personnel in real-time mode andgenerates alerts if indicated by alert logic. Activity on the basestation may be monitored in real time via a workstation monitor 32 orremotely (see FIG. 3A and FIG. 3B below). Furthermore, it iscontemplated that checkpoint data processing subsystems 40 and 50 maynot be computers in the literal sense, but may be replaced in certainsituations with data processing units of varying sizes, complexities andconfigurations, including but not limited to handheld computing devices,PDAs and cell phones.

Another alternative configuration employs a cell phone as a checkpointdata processing subsystem, shown here in FIG. 2 as checkpoint cell phone41. This cell phone may have an integrated or attached globalpositioning system GPS 43, which is in communication with a satellite 45via a global orbital satellite communications system 47 in order todetermine the geographical location of the cell phone 41. Cell phone 41may also be in communication with one or more sensors within local areasite 24, such as sensor 49. Additionally, cell phone 41 may communicatewith other voice devices, such as other telephones, and the base stationCPU 30 either through voice transmissions or data transmissions via celltower 51 and a global computer network, such as the Internet 53.

Therefore, in operation with respect to FIG. 2, the security system mayhave additional types of checkpoints, such as mobile computers (PDAs,etc.) and cell phones. Each checkpoint is an intermediate device, whichconnects sensors to the Base Station and therefore each checkpoint hastwo main types of connections: (1) to the sensors, and (2) to the BaseStation. The types of communications between these devices includedirect communication and indirect communications as defined above. FIGS.1 and 2 show examples of a few different configurations of thecheckpoints within the overall system, and these configurations include:

Stand-Alone Fixed Base Station Computer

A checkpoint computer as a regular desktop computer connected to theBase Station Computer via direct or indirect communication. Examples ofdirect communication between the desktop checkpoint and Base stationcomputer would be a wired local area network (LAN) or input/outputports. Examples of indirect communication between the desktop checkpointcomputer and the base station would be the Internet or a LAN. Thecheckpoint computer is also connected to different sensors/devicesincluding PDAs and cell phones via direct and indirect communication.

An example of sensors which connect via direct communication to thedesktop checkpoint would be a hard-wired video camera and hard-wiredtemperature sensor. An example of device connected via indirectcommunication to the checkpoint computer would be a PDA which haswireless network adapter (see the Site A and Site B configurations inFIG. 1).

Mobile Checkpoint Computer—PDA

A checkpoint computer as a mobile computer (here a PDA) connected to theBase Station via direct or indirect communication, and to sensors viadirect or indirect communications. An example of indirect communicationbetween the mobile checkpoint computer and the base station would be theInternet or a local wireless network. The direct communication between aPDA and the base station would be used very rarely and only when theindirect communications mode is inaccessible. For example, when thewireless network is down, the checkpoint software installed on a PDAwould start caching information from the sensor in the internal memory.Then it is possible to connect the PDA to a local area network via anetwork adapter, or directly to the Base Station computer via a USBcable, and send all the cached messages out.

An example of devices that connect to a mobile checkpoint via directcommunication would be the GPS receiver and the Barcode Reader. The GPSreceiver can be attached to the PDA (and/or cell phone) and receivescurrent device geographical location information via Global OrbitingSatellite System, that is, the PDA receives messages from the GPSreceiver, translates them and transmits them to the Base Station. TheBarcode reader is also attached to the PDA device and reads barcodes,which code the desired location. Then the PDA receives messages (codes)from the Barcode reader, translates them and transmits them to the BaseStation. An example of device connected to a mobile checkpoint viaindirect communication would be a remote video camera which talks to PDAvia a Bluetooth wireless protocol (see Site A, FIG. 1).

Mobile Checkpoint Computer—Cellular Phone

Another example is a checkpoint computer as a cell phone connected toBase Station via indirect communication, and connected to sensors viadirect or indirect communications. An example of indirect communicationbetween the cell phone checkpoint computer and the base station would bethe Internet (for example, available through the cellular data networkprovider). An example of devices that connect to a mobile checkpoint viadirect communication would be the GPS receiver and the Barcode Reader(as described above). An example of a device that connects to the cellphone checkpoint via indirect communication would be a wireless photo orvideo camera, which talks to the cell phone via a Bluetooth wirelessprotocol (see Site B, FIG. 1).

Referring now to FIGS. 3A and 3B, there is shown two possibleconfigurations of the headquarters server subsystem 16 and 17, one inwhich the headquarters subsystem communicates with base stations at aremote site (FIG. 3A), and one where the base station softwarecomponents are installed on the headquarters server and there exists nosite level base station computer or computers (FIG. 3B).

FIG. 3A illustrates a representational diagram of the integratedheadquarters server subsystem 16. The headquarters server 60 is incommunication with one or more of the base stations by means of a globalcomputer network such as the Internet 20 or via a hard wired connection22. The information from the headquarters server 60 may be viewed atheadquarter workstations 62 and 64 or at widely remote workstations 18by means of a global computer network (such as the Internet, satellitefeeds) or by any other hard wired and/or wireless means.

The server subsystem 16 comprises a database memory unit 66 and aback-up database memory unit 68. All of the information generated by allother components of the security system 10 are stored within thedatabase memory unit 66 and further backed up within database memoryunit 68. This enables generation of reports aimed at the scheduling,planning, monitoring, controlling, tour event recording, sensed eventrecording and tracking of human security guards on duty at all of theguarded facilities (Site A, Site B, etc.) and other monitored sites.Furthermore, real time monitoring of events within secure facilities isrecorded to enable faster, more effective use of guard supervision,decision-making, intrusion intervention and deployment, among many othercontemplated guard tasks.

Therefore, in FIG. 3A, the Base Station Software resides on remotecomputers located outside of the Headquarters office and data is beingsynchronized between the central database located at Headquarters officeand outside local databases. In this scenario described in FIG. 3A, thesystem can function independently locally without having any connectionto the central Headquarters office, with the primary benefit being thatguards and local supervisors have full control over what's happeningwithin a site even if the connection to the Headquarters office is down.

FIG. 3B shows another possible configuration for configuring theHeadquarters and the base station, with respect to headquarters serversubsystem 17. In this scenario, the headquarters server 60 has some orall of the base station software components installed. In thisconfiguration, no base station computer or computers exist at the sitelevel. The Checkpoints are transmitting information directly to theheadquarters server, and base station software components within theheadquarters server 60 receive and process that information, and thenstore it in the headquarters database 66 and backup 68 directly. Thisconfiguration is used for the sites that do not have a heavy traffic andthe cost of installing and maintaining of the base station computerwould be much higher than the cost of keeping the base station softwarecomponents at the headquarters server computer.

Therefore, FIG. 3B shows an alternative scenario, that is, one in whichthe Base Station resides within the Headquarters office and directlywrites messages received from Checkpoints into the central database. Inthe scenario described in FIG. 313, the system relies on having anactive connection to the Headquarters office via the Internet 20. Whenthe connection is down, all information received from sensors is cachedat the Checkpoint level and will be transmitted to the Headquartersoffice as soon as a connection to the Headquarters is re-established.The benefit is that very limited installation needs to be done andmaintained on local sites and the cost is minimal. Another benefit isthat information of significant importance can be shared between alldesired sites almost instantaneously.

A schematic diagram of checkpoint computer communications options 70 isillustrated in FIG. 4. Another embodiment of a checkpoint computer 72receives and records information from peripheral event sensor equipment.Most of these devices, such as an access control system 94, a bar codescanner 74, a motion detection device 75, an identification or IDtracking device 76, a GPS tracking system or tracking device 78, atemperature sensor 96, a fire and smoke detection device 82, perimetercontrol systems 98, a hand held device 84 such as various security guardcommunications equipment or a PDA-type device, video camera subsystems86, climate control subsystems 88 such as heating ventilating and airconditioning (HVAC) subsystems, and transport subsystems 92 such aselevator control device, will all send information instantly andsimultaneously to the checkpoint computer 72 by means of a securitysystem communications protocol through an embedded Input/Output (I/O)microprocessor, as shown within the checkpoint computer 72.

Sensor specific communication protocols, for the purpose of collectingdata from sensors, may be developed and deployed for each project.Alternatively, existing software components will be customized orinterfaced with to allow communications between the sensors and thecheckpoints. The universal communications protocol, comprised of anencrypted XML-enabled proprietary software program, will directcommunications between the checkpoint data processing subsystems orcheckpoint computers and the base stations as well as any headquartersservers deployed within the system (see FIG. 5 and FIG. 6 below).

Furthermore, as illustrated in FIG. 4 an outside information network 83will communicate directly with the checkpoint computer 72. The outsideinformation network 83 represents external shared information sourcessuch as a weather website, a news website, other informational broadcastchannels, etc. The present security system will consider those outsideinformation sources as a special type of “sensor” within the system.Information obtained in this way will contribute to the overall securitymonitoring and alert notification within and outside the site, or withinthe network of monitored sites. Additionally, the security informationmay be translated into local dialect or language and selectively sentout to public safety agencies, government offices, school campuses,communities, globally and beyond.

The security system may be customized to meet local requirements. Forinstance, the security system may be capable of disseminating real timeinformation throughout the system in different formats that reflectlocal languages and idioms, local alphabets, local cultural conditions,and local laws and regulations.

FIG. 5 is a block diagram of the checkpoint computer hardwarearchitecture in greater detail 100. The CPU microprocessor controller102 converts the incoming and outgoing signals by means of applicationsoftware, which is stored in the memory (ROM and RAM) 104 of thecheckpoint computer. The real time operating system RTOS/Stack/Programmodule 106 and the real time clock 108 will run the softwareindependently. Each checkpoint 100 will be equipped with a NetworkBridging Device 110 including but not limited to a network adapter, anEthernet controller, a WLAN controller, a phone modem, a cellular modem,etc., which will allow communications via a local area network (LAN) ora global computer network (the Internet) on site between othercheckpoint computer systems such as checkpoint data processingsubsystems 112, 114 and 116, and the sensors, controllers and otherdevices within each of those checkpoint computers range of operations.

Communications within the local area network (LAN) or a global areanetwork, such as the Internet, linking the checkpoint data processingsubsystems together, and the base station CPU 118 is accomplished eitherby means of hard wired or wireless communications media. It is alsocontemplated that these communications may be directed over existingpower lines in and around the guarded facilities. By using the existingpower supply and routing lines, the security system can be readilyintegrated into almost any environment, facility or site, which includesany existing power supply lines into or out of the building, campus orcomplex.

Turning now to FIG. 6, there is illustrated a block diagram of anintegrated security system encrypted XML communications protocol 120exemplifying communications between checkpoints and the system coreapplication at a base station, as constructed in accordance with thepresent invention. The system sensors 122 communicate any (and all)system event 124 to a checkpoint 130 via a custom protocol. A sensorcode 132 identifies the sensor device that transmitted the system event124. An event code 134 identifies the actual event and attribute code(s)and value(s) 136 together describe software values for the system event124 and each individual system event as reported. Each system event 124can have several attributes. The value of an attribute could be anythingfrom an integer, a string, an image or other data file.

The attribute code(s) and value(s) 136, together with associated sensorcode 132 and event code 134 for a given system event 124, are detectedand processed by the checkpoint encrypted XML communications protocolsoftware which generates the encrypted XML message which can then betransferred over the network, LAN or a global computer network such asthe Internet. After the encrypted attribute code(s) and value(s) 146,sensor code 142 and event code 144 have been received by the securitysystem core application (shown as SCA in FIG. 6) at the base station(shown as Base Station in FIG. 6) 140, the SCA at Base Station willprocess and decrypt the incoming XML message. The event code 144 and thesensor code 142 will generate an event in the event log and attributelog 148.

Meanwhile, an Event Processor Object 152 will also receive XML messagesand process them. For example, the Event Processor Object 152 willcompare the attribute code values to those of the alert values stored inthe database and generate an alert 154 accordingly. The alert 154 isthen stored in the alert log 158. With the three basic elements, sensorcode 132, event code 134 and attribute codes 136, it is possible todescribe the communication between the base station CPU 30 and thecheckpoint computer 40 for any type of device. Therefore, onceprogrammed, using the encrypted XML protocol 120, the integratedsecurity system can communicate with any off the shelf security device,such as motion sensors, etc., as well as with any facilities subsystemmonitoring devices, such as climate control or fire and smoke detectiondevices. The specific functioning of this Event Processor Object 152 issuch that the processing of the events that come from the sensors nowdoes not have to be done in the database, but at any appropriate levelwithin the application architecture.

An Alert Type Code 160 component is in bi-directional communication withthe system sensors 122 and the alert log 158 at the Base Station 140. Inoperation, the Alert Type Code 160 brings an alert from the base stationlevel to the checkpoint level, and if necessary, to the sensors. When analert is created in the Base Station 140, it needs to be delivered topeople and/or devices that are responsible for handling that type of thealert. In order to do that it gets wrapped into the XML message and sentto the desired checkpoint (or multiple checkpoints, if necessary). Thencheckpoint software decides how the alert needs to be handled, forexample generate a visual display for a human guard to view, make asound signal, or provide a specific programmed in sensorresponse/behavior (turn on lights, etc.).

One example is the response to a guard entering a room he is notauthorized to enter. First, a Wi-Fi identification system would sensethe guard in the room, and send an event signal “Guard A is in the RoomX” to the base station. The event signal will be processed and stored inthe database in an event and attribute log. Then the Event Processorobject compares the event with the existing access rules and identifiesthat the situation is abnormal, and an alert needs to be generated. Itgenerates a new alert and stores it in the Alert Log.

Next, the Base Station XML protocol software takes this alert, packs itin the standard XML message and sends to the checkpoint that have “RoomX” sensors connected. The checkpoint receives the alert, process it andsend a command to the “Alarm” sound system. Another alternative tohandling the alert would be to send it to the desired backup guard orother personnel, that is, to the particular mobile checkpoint presentlyin that person's possession.

FIG. 7 is a block diagram illustrating the three levels of architectureof the strategy and functioning of the overall method and protocol 190for real time security system communication. There are three levels oforganization within the protocol. Level I 192 includes the security sitesensors, other installed security and environmental monitoring hardwaredevices and any embedded computer systems as well as low-level softwarecomponents (drivers) to communicate to these hardware devices. Level II194 includes the security site checkpoint software (and checkpointcomputers and devices). Level III 196 includes the site base stationsoftware (and computers and any off-site headquarters computers, and anyother off site computers.

Referring now to FIG. 7, in operation, under Level 1192, securitydevices and sensors transmit data in device language specific for thatdevice or sensor. Under Level II 192 a checkpoint data processing unitcollects data messages from various site security devices and sensors inunique device language and translates these messages into standardizedmessages to be passed on to the SCA. This is accomplished by generatinga message based upon converted coded data messages and transmitting theconverted messages to computers containing the SCA.

Under Level III 196, base station software components installed on thebase station computers and/or off site headquarters computers, or anyother off site computers, such as remote workstations, analyze the codedtransmitted messages whereby such analysis is used to generate reportsand logs for the purpose of effectively monitoring the environmental andsecurity conditions within a subject site.

Therefore, Level I 190 operations include data transmission from anynumber of existing, or yet to be created, security devices and eventsensors, either off the shelf units and/or customized combinations, allhaving their own specialized and unique device language transmittingcomponents and qualities. In this regard, the present invention can beprogrammed to receive all of the data message formats originating fromany and all of these devices, then be integrated into any site forsecurity and/or environmental monitoring in a customized and readilyscalable fashion.

FIGS. 8A, 8B and 8C are diagrams that illustrate some of the possibledifferent configurations of the checkpoint hardware and the location ofthe checkpoint software. It shows in greater detail at least threedifferent architectures of the checkpoint with respect to both softwareand hardware.

FIG. 8A illustrates a simple stand-alone checkpoint 200, including acheckpoint computer 202. The checkpoint software 204 comprises aconversion module 84, a control sum/CRC module 86, an encryption module88 and a transmitting module 92. In this configuration, the checkpointsoftware 204 is installed on the checkpoint stand-alone computer 202located either at the security alert monitored site or in theheadquarters office. Sensors 206, other sensors 208, one or more cellphones or radio frequency ID tags 210, and PDAs 212 are all incommunication with the checkpoint computer 202. The checkpoint computerthen communicates with the Base Station 96 using an XML language basedprotocol.

In FIG. 8B, there is illustrated a simple mobile checkpoint 220comprising a PDA 222. The checkpoint software 204 is completelyinstalled on a mobile computer checkpoint, such as PDA 222, which isconnected via a wireless local network to the sensor ID tag 226 andother sensors 228, and to Base Station 96 via the Internet using an XMLlanguage based communications protocol. The base station 96 isoptionally located at the same site as the mobile checkpoint or at theoff site headquarters office.

FIG. 8C illustrates a distributed checkpoint configuration 240 whereinsome or all of the checkpoint software modules (described above) areinstalled on board a mobile checkpoint computer/device 242 (such as acell phone, PDA, etc.). At the same time, some or all of the checkpointsoftware is installed on board a stand-alone checkpoint computer 244,such as the Base Station server, as shown here, located on the samesite, or at the headquarters office. The mobile computer/device 242communicates with the sensor ID tag 246 and the other sensor 248 via awireless network, receives messages, creates a message in anintermediate format, encodes the messages and transmits them to thosemodules of the checkpoint software residing on the stand-alonecheckpoint computer 244. Those modules of the checkpoint softwareresiding on the stand-alone checkpoint computer 244, receive themessages, decode them and pack them into specified XML messages to beused to generate specific security alerts.

FIGS. 9A, 9B and 9C show the architecture and data flow of the entiresystem, especially with respect to message and alert generation,routing, monitoring and notification. The core of the system consists ofthe Message Queuing and Processing software modules 300 located withinthe Base Station 302.

Referring now to FIG. 9A, in operation, one or more sensors 304continuously monitor for specific events. These sensors are incommunication with one or more checkpoint computers 306, referred tohereinafter as “checkpoints.” Upon the occurrence of an event, sensors304 picking up said event then relay information regarding that event tothe checkpoints 306. The checkpoints 306 receiving such information thengenerate messages 308 and these messages 308 are sent to the BaseStation 302, more specifically to the Message Concentrator module 310therein. The Message Concentrator 310 then sends information regardingthe messages to a Web Services module 312 within the Base Station 302,which in turn relays said information to a Microsoft® (MS) message queue314. This MS message queue 314 contains one or more event type specificqueues (see FIG. 9B where four separate queues are shown as an example.Checkpoints 306 are also capable of receiving Alert Messages 317 in XMLlanguage from an Alert Notification Engine 334 (shown in FIG. 9C).

Referring now to FIG. 9B, every event type specific queue within MSMessage Queue 314 handles one or several types of events. Here queuesfor radio frequency ID tags, elevators, fire and a common queue isshown. Messages from the hardware are sorted by Event Type, queued in acorresponding Queue and processed independently from the different typesof messages, using XML Configuration File 318, as follows:

.... <Queues>  <Queue Name=“q1”.....>  .....  <Events>   <EventCode=“MOVE” />   <Event Code=“HIT” />  </Events>  </Queue>   <QueueName=“q2”.....>  .....  <Events>   <Event Code=“FIRE” />  </Events> </Queue> </Queues> ....

The Message Concentrator 310 is a Windows based application that“listens” to a TCP/IP port for the incoming messages. Checkpoints 306send event messages 308 generated by hardware sensors 304 to those portsin described XML format. When the Message Concentrator 310 receives anXML message it calls a Web Service 312. When the Web Service 312receives a message it looks up which Queue it should be placed to andcreates a new MSMQ message in the queue.

Every Queue has a Message Queuing Trigger object 320 assigned. MessageQueuing triggers 320 allows the system to associate the arrival ofincoming messages at a destination queue with the functionality of oneor more COM components or stand-alone executable programs. Thesetriggers can be used to define business rules that can be invoked when amessage arrives at the queue without the need for any additionalprogramming.

Referring to FIG. 9C, in operation, a trigger object performs twodistinct steps: (1) it calls a filter object 328 to determine if themessage should be processed or filtered out. For example a fire controlsensor generates an “OK” event every two seconds. There are one hundredfire sensors installed in a building. If the system would process,analyze and store all those “OK” events that would create a hugeoverhead and take a lot of memory and disk resources. It is reasonableto filter out most of the events, and record only one “OK” event everyset number of minutes, or some other pre-programmed unit of time; and(2) if the filter returns that the message should be processed, it callsa message processor object 326 that implements custom logic on how thistype of event should be processed and stored in the database. Forexample, for a “Person Identification” event, the processor object willinsert records into SensorEventLog and AttributeLog first, and then callthe “UpdateTourLog” stored procedure to match the message with theprescheduled Tour Log for that given shift.

Each Filter object takes an XML message, analyzes it and tells theTrigger if the message should be processed and stored in the database.In order to do that, a Filter should have access to recent history ofthe processed messages. This history is called Context and it is storedin XML format in memory in a Current Queues Context module 324.

Every Queue has its own Context. Context is defined by Context ID—acombination of attributes that identify records in the Context relatedto “the same entity” as the processed message by the Filter, and ContextValue, or state—a combination of the attributes that should be comparedwith the current message to decide if the message is identical to theContext's message.

Within database 330 is the Alert Engine 332 which is constantlymonitoring new events to check them against the predefined rules withineach site. When an abnormal condition is detected, the Alert Engine 322creates a new alert 336 in the Alert Log.

The Notification Engine 334 is constantly monitoring the alerts 336 inthe Alert Log. When a new alert 336 is created or a current alert statusis changed, the Notification Engine 334 sends an alert message in XMLformat to the desired (by location or by owner) checkpoint 306 (see FIG.9A).

Additionally, this system can be used to train security personnel. Thistraining may include interactive training of the guards which furtherincludes event drills, operating instructions, and interactive testingof guard skills related to system components, software, hardware, andcommunication links. In this regard the security system actuallyenhances its own operation by making the human guards better educatedand better trained.

Examples of XML Communication Protocol Operation

One focus of the instant invention is on the communication between thecheckpoint computers and the base station (BS). The main concept of theprotocol between checkpoints and BS's is determined by three elements,the sensor code, the event code and the attribute codes. The sensor codeis the identification of the sensor/device that produces a particularevent. The event code is the identification of the actual event thathappened. The event code, together with the sensor code is unique andwill be logged in the event log. The attribute codes are attributes ofthe event code and describe values for the event. Each event can haveseveral attributes. The value of an attribute could be anything from aninteger to a string to an image or other data.

Two versions of the XML format have been suggested: extended format andcompressed format. Below is a sample how the same message will be codedin both standards.

Let us consider a movement sensor, for example. At 10:23:15 a guardpasses a movement sensor with sensor code “1234.” The event code isdescribed as “movement.” This particular data is gathered in thecheckpoint. The checkpoint software will then generate the XML code,which would look like this:

1. Extended Format:

<message> <sensor code = “1234” <event code = “movement”> <Attributes><attribute code=”state” value=”active” <attribute code=”time”value=”10:23:15” </attributes> </events> </sensor> </message>

2. Compressed Format:

<message> <event code =“movement”>sensor=1234;state=active;time=10:23:15</ event> </message>

The generated code by the checkpoint could be encrypted (see securityprotocol) in order to keep the information undisclosed while it istransferred over the network or interne. After these 3 elements havebeen received by the BS, the SCA will process and decrypt the incomingXML code. The “event code” and “sensor code” will generate an entry inthe event log. An SQL trigger or stored procedure will process theattributes of the event. They will compare the attribute values to thealarm values stored in the database and generate an alarm eventaccordingly. The alarm event is stored in the alarm log.

SPECIFIC EXAMPLES

With the three basic elements, sensor code, event code and attributecodes, it is possible to describe the communication between the BS andthe checkpoint computer for any type of device.

Example 1

At 1:00 AM a window breaks on the 5^(th) floor of a building. Thedetector has code “1111.”

1. Extended Format

<sensor code = “1111 ” <event code = “window broken” <attributes><attribute code=”state” value=”active”> <attribute code=”time”value=”1:00 AM”> <attribute code=”floor” value=”5 ”> </attributes></events> </sensor>2. Compressed Format

<message> <event code = “window broken”>sensor=1111;state=active;time=13:00:00;floor=5 </event> </message>

The attributes make it possible to send an indefinite number ofinformation items about the event that occurred.

Example 2

Suppose a tenant wants to access room 5 of a building. The access to theroom is secured with a keypad, which asks for a password and user name.The flow of events will be as follows:

Information about entered keypad information is sent to the checkpointover a field bus. The checkpoint processes the received data andgenerates the XML code:

1. Extended Format:

<sensor code = “Authorization procedure” <event code = “login”><attributes> <attribute code=”Username” value=”User1 ”> <attributecode=”Password” value=”Guest”> <attribute code=”time” value=”3:00 PM”><attribute code=”room” value=”5 ”> </attributes> </events> </sensor>

2. Compressed Format

  <message>   <event code = “login”>   sensor=Authorization procedure;username=user;password=Guest; time=3:00PM;room=5   </event>   </message>

The XML code is encrypted by the checkpoint and transferred to the SCAon the BS.

The SCA will decrypt the XML code and process the information. Theaccess rights of this particular person will be checked in the database.

The SCA produces XML code

1. Extended Format

<sensor code = “Authorization procedure” <event code = “login”><attributes> <attribute code=”Validation” value=”granted”> <attributecode=”time” value=”3:00 PM”> <attribute code=”room” value=”5 ”></attributes> </events> </sensor>

2. Compressed Format

<message> <event code = “login”> sensor=Authorization procedure;Validation=granted;time= 3:00PM;room=5 </event> </message>

The SCA will encrypt this code and send it to the checkpoint.

The checkpoint decrypts and processes the received XML code and opensthe door.

Example 3

If for example the door access would be secured with fingerprint or eyedetection the code would look as follows:

1. Extended Format

<sensor code = “Authorization procedure”> <event code = “login”><attributes> <attribute code=”Fingerprint Data” value=“01100101001001010 10010010010010010 01010010010010010 0010100100100101110101010101010010 010010000101111 ”> <attribute code=”time” value=”3:00PM”> <attribute code=”room” value=”5 ”> </attributes> </events></sensor>

2. Compressed Format

<message> <event code = “login”> sensor=Authorization procedure;Fingerprint=01100101001001010 10010010010010010 0101001001001001000101001001001011 10101010101010010 010010000101111; time=3:00PM;room=5</event> </message>

Extended Format Versus Compressed Format

In the original extended version each attribute is represented byseparated XML tag, and each message contains a Checkpoint code (a codeunique to the checkpoint which sent the message). In the compressedformat version all information is “compressed” in one string and locatedinside the <event> XML tag.

The first version of the protocol will provide a faster processing timeon the server through extensive use of XML parser. The XML parser willvalidate message syntax and automatically load a whole message into XMLobject model. When the security system is operating on a local network,and has a large number of different sensors sending messages inreal-time, the priority is faster processing. Also, when the extendedversion of the protocol is employed, one can validate if the message hasbeen sent from the correct checkpoint, that is, if the checkpoint isauthorized to send the messages from that particular sensor.

The second compressed version of the protocol is processed slightlyslower, while decreasing the message size significantly. This is veryimportant for the sites where a broadband application for data transferis limited or shared. For example, when the security system is used on acellular network to send data from the cell phones, the priority wouldbe to minimize message size.

Security Protocol

There are several possible levels of security that could be applied inthe integrated security system and SCA.

One of them is already implemented in the application as it is describedherein. Clients will have to enter a username and password when enteringthe SCA as follows: (1) when a user logs in, the SCA creates a SessionIDwhich is a unique value (GUID). The SCA then encodes UserName andSessionID using 128 bit key and puts these three strings (UserName,SessionID and an encoded UserName+SessionID) into a cookie, which issent to the client with an HTML page; and (2) when a clientsends/requests any data to/from a SCA page on a web server, the SCAtakes these three strings from the cookie, encodes UserName andSessionID using the same key and compares the result with the encodedstring from a cookie.

The SCA then determines the access rights for this particular client.These access rights will determine to what particular parts of the SCA,the client has access and if he can edit or just view data.

The mentioned 128 bit key could also be used to encrypt the XML codethat is used for communication between the BS and checkpoints. This willhave to be looked at on an individual basis and will be furthercustomized depending upon client needs.

On top of the security that is already built into the SCA, it ispossible to provide extra security by using so called Secured SocketLayer (SSL) Web Server Certificate.

Finally, as defined herein, the term “stations” may include one or morebase stations, and one or more headquarters.

It should be understood, however, that even though these numerousembodiments, examples, characteristics and advantages of the inventionhave been set forth in the foregoing description, together with detailsof the structure and function of the invention, the disclosure isillustrative only, and changes may be made in detail, especially inmatters of shape, size, components, configuration and arrangement ofparts within the principal of the invention to the full extent indicatedby the broad general meaning of the terms in which the appended claimsare expressed.

1. A security system, comprising: a checkpoint system configured forreceiving, processing, and relaying data received from peripheralequipment comprising at least one of a plurality of sensors, videocameras, positioning systems, and mobile communication and dataprocessing equipment, and providing a human with information based onthe data; and a base station configured for logging, processing, andreporting the data relayed from the checkpoint system to provide asecurity system status and to facilitate human supervision, situationanalysis, decision making, and intervention; and a computer-implementedcommunication system that translates security alerts associated with thedata to a local dialect or language and directs the alerts to the humanby way of the checkpoint system.
 2. The security system of claim 1,wherein the checkpoint system comprises at least one of a mobilecomputer, a personal digital assistant, and a cellular telephone indirect communication with the base station.
 3. The security system ofclaim 2, wherein the checkpoint system further comprises an optical codereader.
 4. The security system of claim 1, wherein said information isan alert, a message, or a set of instructions.
 5. The security system ofclaim 1, further comprising: a headquarters station: wherein the basestation receives the data from the checkpoint system, stores the data ina database, provides human access to the data, generates alerts ifprompted by a base station software program, and communicates with saidheadquarters station; and wherein said headquarters station comprises adatabase memory unit and a back-up database memory unit, saidheadquarters station facilitating human guard supervision ofenvironmental and event-related activities, human guard situationanalysis, human intervention, and activation of securitycountermeasures, including preventing, deterring, and mitigatingcriminal acts, responding to terrorist threats and attacks, war acts,riots, civil unrest, political events, structural failures, powerfailures, electronic failures, adverse weather, fire hazards, seismicevents, variations in temperature and light conditions, and hazardousconditions requiring situation assessment and countermeasures.
 6. Thesecurity system of claim 5, wherein the base station and theheadquarters station are situated in different geographical areas, thebase station being situated in the proximity of said peripheralequipment, and said headquarters station being situated in a locationremote from the base station.
 7. The security system of claim 5, whereinthe base station is integrated with the headquarters station.
 8. Thesecurity system of claim 1, wherein the communication system operateswith XML language in a compressed format.
 9. The security system ofclaim 2, wherein the checkpoint system further comprises a globalpositioning system receiver.
 10. The security system of claim 1, whereinthe communication system is configured to translate the alerts inaccordance with local laws and regulations.
 11. The security system ofclaim 1, wherein the communication system is configured to translate thealerts using local alphabets.
 12. The security system of claim 1,wherein the checkpoint system is further configured for processing datareceived from peripheral equipment into a standardized protocol.
 13. Thesecurity system of claim 1, wherein the checkpoint system is integratedwith a mobile computer.
 14. The security system of claim 13, whereinmobile computer is integrated with at least one of a mobile computer, apersonal digital assistant, and a cellular phone.
 15. The securitysystem of claim 1, wherein the computer-implemented communication systemis integrated with the base station.
 16. A method of using a securitysystem, comprising: receiving data by a checkpoint system fromperipheral equipment comprising at least one of a plurality of sensors,video cameras, positioning systems and mobile communication and dataprocessing equipment, processing the data, relaying information based onthe data received from said peripheral equipment to a base station,providing a human guard with information based on the data; filteringthe information from the checkpoint system based on comparison tocontext data comprising recent historical data; logging the informationfrom the checkpoint system, processing the information from thecheckpoint system, reporting the information from the checkpoint systemat the base station to provide a security system status and facilitatehuman supervision, situation analysis, decision making, andintervention.
 17. The method of claim 16, further comprising: generatingalerts associated with the information from the checkpoint system, ifprompted by a base station software program; and transmitting theinformation from the base station to a headquarters station, where humansupervision of environmental and event-related activities, humansituation analysis, human intervention, and activation of securitycountermeasures are enabled, including preventions, deterrents, andmitigation of criminal acts, terrorist acts, war acts, riots, civilunrest, political events, structural failures, electronic failures,adverse weather, fire hazards, seismic events, variations in temperatureand light conditions, and hazardous conditions requiring situationassessment and countermeasures.
 18. The method of claim 17, furthercomprising exchanging the information within the security system using acommunication system with XML language using a compressed XML format.19. The method of claim 16, further comprising providing the datareceived from the peripheral equipment to a message concentrator. 20.The method of claim 19, further comprising directing the information toa message queue.
 21. The method of claim 20, further comprising sortingof the information in the message queue into more than one specificqueues corresponding a source of the information.
 22. A security systemfor interactive training of a human guard, comprising: a checkpointsystem configured for receiving, processing, and relaying data receivedfrom peripheral equipment comprising at least one of a plurality ofsensors, video cameras, positioning systems, and mobile communicationand data processing equipment, and providing a human guard withinformation based on the data; and a base station configured forlogging, processing, and reporting the data relayed from the checkpointsystem to provide a security system status and to facilitate humansupervision, situation analysis, decision making, and intervention, andwherein the security system provides the human guard with data forinteractive training of the human guard, whereby the security systemenhances the performance of the security system by improving theeducation and training of the human guard with respect to the securitysystem.
 23. The security system of claim 22, wherein the interactivetraining of the human guard comprises event drills.
 24. The securitysystem of claim 22, wherein the data for the interactive training of thehuman guard comprises operating instructions.
 25. The security system ofclaim 22, wherein the interactive training of the human guard comprisesinteractive testing of skills of the human guard related to componentsof the security system, including software, hardware, and communicationlinks.
 26. A security system, comprising: a checkpoint system configuredfor receiving, processing, and relaying data received from peripheralequipment comprising at least one of a plurality of sensors, videocameras, positioning systems, and mobile communication and dataprocessing equipment, and providing a human with information based onthe data; and a combined base station/headquarters station comprising adatabase memory unit and a back-up database memory unit, wherein saidcombined station receives the data from the checkpoint system, storesthe data in a database, provides human access to the data, generatesalerts if prompted by the station software program, and facilitateshuman supervision, situation analysis, decision making, andintervention.